GPG Key Transition
My current PGP/GnuPG key is expiring, so I've rolled a new one. The ID of the new key
0x3C7775DD37811E62 (full fingerprint:
1ED5 E5A3 01C3 D109 9040 2289 3C77 75DD 3781 1E62)
and it should be in your favorite keyservers,
cross-signed by my old key. You can also find it at https://files.roguelazer.com/roguelazer.gpg.
It has also been attached to my keybase.io account and my Github
profile. My previous key (
) has not been revoked
and has not been compromised, but you should still stop using it if possible. The new key is a 4096-bit RSA
key with SHA-2 digest signatures — I'm not quite bold enough to switch to ECC for a long-lived key yet.
My signed transition document is below, and can also be found at 2019-04-27-key-transition-statement.txt.asc if you prefer to download it directly.
Additionally, I have generated a separately-signed key with ID
0x233E5EAF0EC3ABA9 (full fingerprint:
14E8 9660 188D BC9B 2C17 67AA 233E 5EAF 0EC3 ABA9). This key should not be used for communication,
but will only be used to sign VCS commits/tags/&c (in Git and perhaps in
Pijul1). It's going to be on my [managed] work computer2, so treat it with a grain